Snort mailing list archives
Newbie Question on using snort
From: "IS Technical Services" <IS.TechSvc () clericalmedical com>
Date: Wed, 12 Nov 2003 14:12:30 +0100
I've been given the job of setting up snort in our environment and I've managed to get it all working on windows - 2 slave sensors logging to a master sensor. It produces alerts although maybe not as many as I'd expect but anyway. I've also got and read most of Brian Caswell's Snort 2.0 book. What I'm trying to find though are some good websites or books that explain how to customise the snort installation and why you would leave out certain rules and include others. Additionally, I'm also interested in finding information on how to read the alerts or rather what is alert xyz actually telling me. Apologies if these are fairly brain-dead questions but my network analysis experience is fairly limited. thanks Rupert Broad *********************************************************************** The information contained in this E-mail is confidential and may be subject to legal privilege. Access to this E-mail by anyone other than the intended recipient is unauthorised.If you are not the intended recipient, you must not use, copy, distribute or disclose the E-mail or any part of its contents or take any action in reliance on it. If you have received this E-mail in error, please notify us immediately by E-mail or telephone. All reasonable precautions have been taken to ensure no viruses are present in this E-mail. As Clerical Medical cannot accept responsibility for loss or damage arising from the use of this E-mail or attachments we recommend that you subject these to your virus checking procedures prior to use. Part of the HBOS Group Clerical Medical Investment Group Limited Registered Office 33 Old Broad Street London EC2N 1HZ Registered in England and Wales, Registered No. 3196171 Regulated by the Financial Services Authority. A member of ABI. For staff training and security purposes E-mail communications and telephone calls may be monitored or recorded. ***********************************************************************
Current thread:
- Newbie Question on using snort IS Technical Services (Nov 12)
- RES: Newbie Question on using snort Sp0oKeR Labs (Nov 12)
- Re: RES: Newbie Question on using snort Donna dm87 (Nov 12)
- RES: Newbie Question on using snort Sp0oKeR Labs (Nov 12)